"Everyone should ensure their computer is patched against this vulnerability as soon as possible."

As well as leaving systems open to possible worm and virus threats, the flaw leaves computers vulnerable to hackers who could break into computers and take files, delete or steal valuable data, and snoop on what users are doing.

Stephen Toulouse, security program manager for Microsoft's Security Response Center, said the problem was "an extremely deep and pervasive technology in Windows" which affects the language standard that computers use to communicate with each other.

According to Sal Viveros, security expert with McAfee Security, many home users are not aware they should fix flaws and download patches when they are identified.

Historically, Mr Viveros told BBC News Online, net security firms have seen an increase in mass-mailing worm and virus attacks which try to take advantage of unpatched systems after flaws are discovered.

"There is no evidence that the recent worms [Mydoom and its variants] took advantage of this flaw," he said.

"But historically, what we have seen is that computer users do not patch their systems, which is why we continue to see such worm attacks."

He urged computer users to download the patch as soon as possible and to make sure they keep anti-virus software and firewalls up-to-date.

Microsoft criticised

Computer security company, eEye Digital Security, has criticised Microsoft for taking so long to come up with a fix.

Marc Maiffret, from eEye, said it had spotted the vulnerability and told Microsoft about it over six months ago

"This is one of the most serious Microsoft vulnerabilities ever released," said Mr Maiffret.

"The breadth of systems affected is probably the largest ever." He added that, unusually, even the most secure Windows networks would be vulnerable.

But McAfee said it was standard practice within the industry not to announce vulnerabilities as soon as they are spotted.

"Typically if someone identifies a flaw, they give the vendor a certain amount of time to fix it. If people don't know about it, virus writers are less likely to write something to take advantage of it," said Mr Viveros.

If Microsoft had announced the flaw without having a fix for it, the potential damage would have been much much worse, he added.

Steven Philippsohn, who chairs a government fraud and cybercrime panel and is a senior partner at Philippsohn Crawfords Berwald, said the delay could be a headache for Microsoft.

"I have no doubt that if manufacturers in cases like this know about a flaw in their system and don't inform at earliest opportunity possible, they could be liable for losses," Mr Philippsohn told BBC News Online.

"It has been made more serious by the fact Microsoft have accepted that they were told about the flaw months ago.

"If a company can prove they suffered losses because of this, they have a good chance of making a claim," he said.

Microsoft said it took so long because it wanted to ensure a single patch solved any related problems.